Cryptographic Coprocessor

Cryptographic Coprocessor

Czech Technical University in Prague Faculty of Electrical Engineering Department of Computer Science and Engineering Master’s Thesis Cryptographic coprocessor Bc. Tomáš Davidovič Supervisor: Ing. Martin Novotný Study Programme: Electrical Engineering and Information Technology Field of Study: Computer Science and Engineering January 26, 2011 iv Acknowledgments I would like to thank Ing. Martin Novotný for his invaluable leadership in this project, my family for its unyielding support and the uncountable colleagues and friends who always had a kind word or two in the times of crisis. I would also like to thank the CESNET association for giving me the opportunity to evaluate this coprocessor on their Combo6X PCI board. v vi Declaration I hereby declare that I have completed this thesis independently and that I have listed all the literature and publications used. I have no objection to usage of this work in compliance with the act §60 Zákona č. 121/2000Sb. (copyright law), and with the rights connected with the copyright act including the changes in the act. V Praze dne 27.4. 2005 ............................................................. vii viii Abstract This thesis deals with a design of a versatile cryptographic coprocessor for Elliptic Curve Cryptography dedicated for cryptographic operations over binary finite field, GF (2m). The processor can work with (almost) any binary finite field of order (cardinality, number of elements) between 22 and 21000, can operate over either affine or projective coordinates and can use either polynomial basis or normal basis represenatation of field elements. The change of coordinate system is realized by a replacement of a controllers microprogram. The change of basis is done by replacement of appropriate arithmetic units and a minor change in a microprogram. We use a Combo6X card as an implementation platform. We compare various processor configurations in area, frequency and clock cycles spent on the basic operation, scalar multiplication of a point on a curve. We also evaluate total time per single multiplication to determine whether PCI bus latencies prevent us from using Combo6X as a dedicated accelerator. Abstrakt Tato práce se zabývá vývojem univerzálního kryptografického koprocesoru pro kryptografii eliptických křivek, určeného pro kryptografické operace nad binarním konečným tělesem GF (2m). Procesor umí pracovat se (skoro) libovolným konečným tělesem (mohutnost, počet prvků) mezi 22 a 21000, umí operovat s jak afiními tak projektivními souřadnicemi a umí používat jak polynomiální tak normální bázi k reprezentaci prvků konečného tělesa. Změna souřadného systému je realizována změnou mikroprogramu řadiče. Změna báze je prováděna výměnou příslušných aritmetických jednotek a drobnými změnami mikropro- gramu. Jako implementační platformu používáme kartu Combo6X. Porovnáváme jednotlivé konfigurace procesoru v ploše, frekvenci a počtu hodinových cyklů, které zabere základní operace, skalární násobek bodu na křivce. Dále vyhodnocujeme celkévý čas spotřebo- vaný na jedno násobení, abychom určili zda-li nám latence PCI sběrnice brání v použití Combo6X jako dedikovaného akcelerátoru. ix x Contents List of Figures xiii List of Tables xv 1 Introduction1 2 Elliptic Curve Cryptography basics3 2.1 Basic elliptic curve mathematics........................3 2.2 Mathematics for Elliptic Curve Cryptography.................4 2.3 Elliptic curves in cryptography.........................5 2.4 Impact on hardware design...........................5 2.4.1 Affine coordinates............................6 2.4.2 Projective coordinates..........................6 2.5 Goals.......................................8 3 Implementation platform9 3.1 Local bus.....................................9 4 Analysis 13 4.1 Top level design.................................. 13 4.2 Coprocessor design................................ 14 4.2.1 Data path................................. 14 4.2.2 Microcontroller.............................. 16 4.3 Squarer and Multiplier.............................. 19 4.3.1 Squarers.................................. 19 4.3.2 Normal basis multiplier......................... 21 4.3.3 Polynomial basis multiplier – multiplication.............. 22 4.3.4 Polynomial basis multiplier – division................. 24 4.4 Verification methods............................... 26 4.4.1 Code coverage.............................. 28 5 Implementation 31 5.1 Top level design.................................. 31 5.2 Data path..................................... 33 5.2.1 Squarers.................................. 34 5.2.2 Normal basis multiplier......................... 35 5.2.3 Polynomial basis multiplier – data path................ 37 5.2.4 Polynomial basis multiplier – controller................ 38 5.3 Verification libraries............................... 39 5.3.1 Random point.............................. 41 5.3.2 Point multiplication........................... 42 5.4 Microcode..................................... 42 6 Results 47 6.1 Verification.................................... 47 6.2 Synthesis..................................... 48 6.3 Performance.................................... 51 xi 6.3.1 Combo6X as accelerator......................... 53 7 Conclusions 55 8 Bibliography 57 A Register names 59 B DVD Content 61 xii List of Figures 2.1 Sum of two different points on an elliptic curve, source [2]..........3 2.2 Add-and-double algorithm for scalar multiplication..............5 2.3 Algorithm for point addition in affine coordinates, taken from [4]......6 2.4 Algorithm for point doubling in projective coordinates, taken from [4]...7 2.5 Algorithm for point addition in projective coordinates, taken from [4]....8 3.1 Combo6X, source [16]..............................9 3.2 Interface card Combo-4SFP, source [16]....................9 3.3 Structure of communication hierarchy in Combo6X test design....... 10 3.4 Signals during write and read operations, taken from [16]........... 11 3.5 Code of memory connected to LBCONN_MEM inverting top 16b of each written 32b word................................. 12 4.1 Top level design of coprocessor in Combo6X.................. 13 4.2 Data path architecture used in [2], figure taken from there.......... 15 4.3 Modified data path architecture used in our design.............. 16 4.4 Microcontroller block diagram.......................... 17 4.5 Examples of conditional jumps......................... 18 4.6 Squaring of 1101 in polynomial basis...................... 20 4.7 XOR network for squaring in GF (24), polynomial basis............ 20 4.8 Normal basis multiplication, taken from [4].................. 21 4.9 Example of multiplication in GF (28) ...................... 22 4.10 Multiplication with immediate reduction.................... 23 4.11 Digit-serial multiplier............................... 24 4.12 Extended Euclid Algorithm flowchart, R1(h0) variant............. 25 4.13 Extended Euclid Algorithm flowchart, h0 variant............... 26 4.14 Example testbench block diagram........................ 28 4.15 Cryptographic coprocessor testbench...................... 29 5.1 Microcode examples for multiplication: a) DistributedRAM, b) BlockRAM. 34 5.2 Polynomial squarer................................ 35 5.3 Loading multiplication matrix. a) the constant declaration, b) filename of file containing the multiplication matrix, c) loading the matrix....... 36 5.4 Block diagram of polynomial multiplication and division........... 37 5.5 Signal declaration for unified register set.................... 38 5.6 Partitioning of division into FSM states.................... 39 5.7 Polynomial multiplier FSM........................... 40 5.8 Left and right shift using reducing polynomial................. 40 5.9 Normal basis multiplication (1) and division (2)................ 44 6.1 Influence of digit-width on number of slices.................. 51 6.2 Coprocessor performance in clock cycles.................... 52 6.3 Coprocessor performance in milliseconds.................... 54 xiii xiv List of Tables 3.1 LBCONN_MEM component connections - Generics............. 10 3.2 LBCONN_MEM component connections - Signals.............. 11 4.1 Control signals in data path........................... 17 4.2 Jump conditions................................. 19 5.1 Control registers................................. 31 5.2 FSM signals.................................... 41 5.3 Microassembler commands............................ 43 5.4 Macros in microassembler............................ 44 6.1 Unit testcases................................... 47 6.2 Scalar multipliation testcases.......................... 48 6.3 Polynomial multiplier variants (m=180, D=6, V2P50)............ 49 6.4 Coprocessor comparison (m=180, V2P50)................... 50 6.5 Average clock cycles performance........................ 53 6.6 Percentage of multiplication to total time................... 53 xv xvi CHAPTER 1. INTRODUCTION 1 1 Introduction The requirement to keep messages secret is almost as old as messages themselves. And where messengers could not be trusted to deliver the messages safely, means had to be devised to prevent unauthorized persons from reading the message contents. Thus ciphers and cryptography have been born. Modern cryptography uses mathematics and computers for message encryption and de- cryption. It divides ciphers into two main categories: • Symmetric ciphers • Asymmetric ciphers Symmetric ciphers, typical example is AES1, use the same key for encryption and de- cryption. These ciphers have fast encryption and decryption, are very strong

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    76 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us